• Journal of KIISE:Computing Practices and Letters
• /
• v.7 no.6
• /
• pp.630-640
• /
• 2001

In this paper, we describe the design and implementation of ObjectPeerWork, which is a framework for the development of shared object model-based P2P(Peer-to-Peer) applications. The shared object model can prevent the computing power decrease on the way of resource management by incorporating the resource management function into resources themselves, and raise reliability on shared resources by improving the security problems. Also this model assures expandability by means of distributed component-based request broker manager and module container. The ObjectPeerWork based on this shared object model is a framework which makes the implementation of the enterprise information system possible, and makes distribution of the computing power and efficient resource management possible by improving the weakness in the general P2P model.

• Proceedings of the Korean Information Science Society Conference
• /
• 2007.10d
• /
• pp.127-131
• /
• 2007

전력선을 이용한 통신 기술(Power Line Communication, PLC)은 현재 국내외에서 큰 관심을 받는 연구 분야로 국내에서도 이에 대한 연구와 개발이 활발히 진행되고 있다. 이 기술은 전력선을 이용하여 음성 데이터 인터넷 등을 고속으로 이용할 수 있는 서비스를 제공하여 나아가 가정의 모든 가정기기들을 연결하는 홈 네트워크를 구성할 수도 있다. 하지만 전력선 통신 기술에는 보안상 많은 문제가 존재한다. 그 이유는 전력선 통신 네트워크가 전력선과 IP망을 둘 다 사용하는 혼합형 네트워크로 구성되어 있기 때문이다. 이로 인해 기존 IP망에서 사용하던 보안 기술들을 그대로 전력선 통신 네트워크에 적용하기에는 많은 어려움이 따르며 새로운 기술을 개발하고 그것을 기존 인프라에 적용하는 것 또한 많은 어려움이 따른다. 이에 본 논문에서는 기존 IP망에서 사용하던 공개키와 대칭키 방식을 이용하여 서로 다른 네트워크로 구성되어 있는 전력선 통신 네트워크의 보안을 위한 혼합형 보안구조를 제안한다.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.16 no.1
• /
• pp.79-92
• /
• 2020

As the number of systems increases and the network size increases, automated attack prediction systems are urgently needed to respond to cyber attacks. In this study, we developed four types of information gathering sensors for collecting asset and vulnerability information, and developed technology to automatically generate attack graphs and predict attack targets. To improve performance, the attack graph generation method is divided into the reachability calculation process and the vulnerability assignment process. It always keeps up to date by starting calculations whenever asset and vulnerability information changes. In order to improve the accuracy of the attack target prediction, the degree of asset risk and the degree of asset reference are reflected. We refer to CVSS(Common Vulnerability Scoring System) for asset risk, and Google's PageRank algorithm for asset reference. The results of attack target prediction is displayed on the web screen and CyCOP(Cyber Common Operation Picture) to help both analysts and decision makers.

• Journal of Internet Computing and Services
• /
• v.7 no.1
• /
• pp.39-47
• /
• 2006

The evaluation of MDx family hash functions such as MD5 is difficult because the design background or a generalized model is unknown. In this paper, an approximated model is proposed to generalize hash functions. The diffusion of a input difference is tested by an approximated model for MD5. The results show that MD5 does not provide perfect diffusion, so MD5 is weak against some attacks. We propose a multiple chaining pattern which provides perfect diffusion in approximated model of hash function without extra calculation or memory. And We show the probability of differential characteristics of our proposal.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.11
• /
• pp.5625-5641
• /
• 2017

Certificateless public key cryptography resolves the certificate management problem in traditional public key cryptography and the key escrow problem in identity-based cryptography. In recent years, some good results have been achieved in speeding up the computation of bilinear pairing. However, the computation cost of the pairing is much higher than that of the scalar multiplication over the elliptic curve group. Therefore, it is still significant to design cryptosystem without pairing operations. A multi-signer universal designated multi-verifier signature scheme allows a set of signers to cooperatively generate a public verifiable signature, the signature holder then can propose a new signature such that only the designated set of verifiers can verify it. Multi-signer universal designated multi-verifier signatures are suitable in many different practical applications such as electronic tenders, electronic voting and electronic auctions. In this paper, we propose a certificateless multi-signer universal designated multi-verifier signature scheme and prove the security in the random oracle model. Our scheme does not use pairing operation. To the best of our knowledge, our scheme is the first certificateless multi-signer universal designated multi-verifier signature scheme.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.11
• /
• pp.5671-5693
• /
• 2017

With the rapid development of cloud computing, more and more data owners are motivated to outsource their data to cloud for various benefits. Due to serious privacy concerns, sensitive data should be encrypted before being outsourced to the cloud. However, this results that effective data utilization becomes a very challenging task, such as keyword search over ciphertexts. Although many searchable encryption methods have been proposed, they only support exact keyword search. Thus, misspelled keywords in the query will result in wrong or no matching. Very recently, a few methods extends the search capability to fuzzy keyword search. Some of them may result in inaccurate search results. The other methods need very large indexes which inevitably lead to low search efficiency. Additionally, the above fuzzy keyword search methods do not support access control. In our paper, we propose a searchable encryption method which achieves fuzzy search and access control through algorithm design and Ciphertext-Policy Attribute-based Encryption (CP-ABE). In our method, the index is small and the search results are accurate. We present word pattern which can be used to balance the search efficiency and privacy. Finally, we conduct extensive experiments and analyze the security of the proposed method.

• Journal of the Korean housing association
• /
• v.26 no.3
• /
• pp.45-54
• /
• 2015

The purpose of this research is to analyze the wealth effects of home-owning baby-boomers on household consumption on non-durable goods in the Seoul Metropolitan Area. In so doing, this empirical study utilized the Korean Labor and Income Panel Study (KLIPS) of 2002 and 2012. The statistical findings reveal that household wealth in the period had sharply risen in household income, asset, debt and consumption, and the substantial increase came from growing income and consumption embedded into an expansionary stage of the family life cycle. Further, housing wealth had a much greater effect on consumption expenditure than did financial asset in 2012 while financial wealth effect was larger than housing wealth effect in 2002. Housing wealth effects had become far stronger as the age of the baby-boomer householders increased. As the baby-boomers are close to the retirement stage, post-retirement income security becomes of concern, so that the wealth effect of real estate income as an income alternative for retirees is explicit. The results imply that retirement of baby-boomers is likely to reduce consumer spending, aggravating slowdown of the real economy. Thus, diversification of household asset portfolio in a pre-retirement period is of great significance in maintaining adequate household consumption in later life.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.41 no.3
• /
• pp.307-316
• /
• 2016

Reversible data hiding is a technique to hide any data without affecting the original image. Zhang proposed the encryption of original image and a data hiding scheme in encrypted image. First, the encrypted image is decrypted and uses the fluctuation function which exploits the spatial correlation property of decrypted image to extract hidden data. In this paper, the new fluctuation function is proposed to reduce errors which arise from the process extracting hidden data and the performance is verified by simulation.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.10C
• /
• pp.946-954
• /
• 2009

General RFID system has assumed that the communication channel between reader and back-end database is secure channel. However, the reader can be communicated with the database through insecure channel like the communication channel between the reader and the tag according to application environment. In this paper, we propose a new secure RFID mutual authentication protocol based on open network channel which assumed that all communication channels between the database, the reader and the tag are insecure communication channels. The proposed protocol uses a secure one-way hash function to provide authentication and integrity against all communication messages which exchanged on the open channels. In addition, we designed that the proposed protocol can provide forward secrecy by performing the database and the tag update their old secret key with a new secret key after finished mutual authentication.

• The Transactions of the Korean Institute of Electrical Engineers A
• /
• v.48 no.7
• /
• pp.847-854
• /
• 1999

The setting of protective relays, which is critical to the power system security and reliability, requires a huge volume of data processing and repetitive calculation. Since it has been performed by relay engineers manually, it is vulnerable to human errors, its computerization has been pursued, in which the efficient management of the data is the key to the success. The database for power system protection must accommodate not only the power system network data but also a variety of protective devices. Also its information should be able to be viewed and updated with easy by operators and by computer programs. This paper describes several existing database designs for power system protection, their advantages and disadvantages. Also this paper has identified the required function and designed the database for the KEPCO power system data structure for the benefit of the relay setting process, etc..